摘要 |
A host machine 502 manages a number of virtual machines 510 by means of a supervisory process 504. The host operates a threat management facility 508 which communicates with the virtual machines to enforce a security policy of the enterprise operating the virtual machines. The virtual machines are capable of operating in a first state 514A where they are protected through the threat management facility, and a second state 514B where the threat management facility is absent, in which the virtual machines enforce the security policy autonomously through a local security facility 204 executed on the individual VM. This allows the VM to remain protected from malicious activity in the event of communication disruption, or in circumstances where the VM is disconnected from the enterprise network and operating independently. The transition between states may be initiated automatically, or by the user. |